Wednesday, November 23, 2005

The Future of Worms

Worms will likely continue to become more advanced over time. A decade ago, no one would have imagined a worm such as Code Red could launch without any action on the part of the user.The Timofonica worm is a telling example of what the future might hold. This worm spreads among digital phone users, circulating a message targeted at a Spanish cellular phone company, Telefonica. Infected phones display the message (in Spanish), “Telefonica is deceiving you.”

Although this worm does very little physical damage, it does suggest that attacks against digital phones and PDAs (personal digital assistants) are probably an inevitable part of the near future. Such portable devices are a convenient and tempting target for attacks. After all, modern digital phone address books store more phone numbers and email addresses than they did in the past.

In addition, many of today’s digital phones are web-enabled, blurring the lines between the amount of damage a worm could do to a digital phone and the amount of damage a worm could do to a network. For example, a worm could infect digital phone and PDA content, digital phone signals, address books, and web servers.

Another thing we’ll likely see more of is the use of worms in advertising. For instance, the FriendGreetings.com Trojan horse’s payload includes a worm that sends spam (unsolicited mass-mailing advertisements) to everyone in a user’s address book.

Plus, Code Red demonstrated another type of power worms have: the ability to alter web content. If you consider all the possibilities this type of power could unleash, its potential damage can be rather frightening. For example, a hacker could in theory use a worm to target news-related web sites and alter the content of these sites to create panic with bogus news stories. Or a hacker working for a company might consider altering the web site of a competitor to falsely announce a major product recall. The consequences of such a recall could cause stockholders to frantically (and unnecessarily) sell shares of that company’s stock. And these are only a couple of scenarios—the possibilities are endless.

These are hypothetical situations, of course, but within the last few years, we’ve seen worms evolve in complexity at an astonishing rate. Just three years ago, we wouldn’t have worried about viewing an email message in a preview pane. In fact, we wouldn’t have even worried about opening an email message; it was only the suspect attachments we worried about. Today’s worms rank among the greatest of all Internet security risks and can propagate with little or no interaction on the part of the user.

Worms are likely to continue their assault on the Internet and seek new and unforeseen ways of slithering right past you—undetectable until you again download the most recent updates from your anti-virus software developer’s web site.